...
Trouble Shooting SSH Key Credentials
Invalid Format
If there is an error that occurs when using an SSH Key credential that includes the message “invalid format”, then it might be possible that the key was not formatted properly when it was uploaded.
...
The private key file must have Unix EOL characters, and must have an empty line at the end of the file. When you generate a private key using OpenSSH, then the resulting private key will have Unix EOL characters even if generated on a Windows machine. The screenshot below is an example of the proper EOL format. The actual key content itself does not matter, but notice the End of Line characters. You can enable the EOL symbols in Notepad++ by clicking View → Show Symbol → Show End of Line.
...
If copying the content of an existing private key to a new file then it may result in improper formatting. Here is an example of an invalid format which would cause the error shown above.
...
Similarly, the file may have Windows EOL characters which will appear as CR LF. To convert to Unix EOL characters in Notepad++, you can use Edit → EOL Conversion → Unix to correct it.
...
Permission denied (publickey)
This error shows up when trying to connect to a github GIT repository.
...
The most common reasons for this error happening are
Public key is not uploaded to a user’s GIT account. Instructions on how to do this will vary by GIT provider, but here is a link on how to do it in GitHub: https://docs.github.com/en/authentication/connecting-to-github-with-ssh/adding-a-new-ssh-key-to-your-github-account
Passphrase is incorrect for connecting with the private key
GIT URL could be incorrect
Authenticating user may not have access to the repository in the GIT URL property
A couple of other reasons could be
The system that is authenticating with GIT has an old version of OpenSSH (could use SHA-1 signing of keys) that does not support handling keys generated from a newer version (SHA-2 signature). This could result in a newer SHA-2 signed key trying to be accessed by an older version of OpenSSH that is only aware of SHA-1 signing. Additionally, most GIT providers will only accept SHA-2 signed keys. Please ensure that the OpenSSH version installed is 8.0+ on systems that will be performing GIT operations.
The system that is authenticating with GIT is Windows-based and is running a version of OpenSSH that is less than 8.4. Please see the Executing On Windows Endpoint With Git Plugin section below.
Executing On Windows Endpoint With GIT Plugin
For endpoints that are Windows based, it is recommended that the OpenSSH version is 8.4+. When executing GIT plugin operations on a Windows system, FlexDeploy uses the SSH_ASKPASS_REQUIRE environment variable to supply the passphrase of the private key. This environment variable was introduced in OpenSSH 8.4. If the version is <8.4, then trying to use SSH Keys with passphrases will not work, and will result in an error that includes the message Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists. which could be misleading as there are many factors that will cause that error message.
Certificate
Certificate credentials support a certificate file upload and an optional password.
...